Forcepoint NGFW SMC 2.0.0
App Vendor: Forcepoint
App Category: Network Security
Connector Version: 2.0.0
API Version: 6.10, 7.0
Note
This app is currently released as a beta version.
About App
The Forcepoint NGFW SMC API allows secure, automated management of Forcepoint Next Generation Firewalls, facilitating configuration, policy control, monitoring, and reporting to enhance operational efficiency and security.
The Forcepoint NGFW SMC app is configured with Cyware Orchestrate to perform the following actions:
Create Firewall Policy | This action creates a new firewall policy. |
Create Host | This action creates a new host. |
Create IP List or Domain | This action creates an IP list or domain. |
Create Rule | This action creates a new rule within a specified firewall policy. |
Delete Items | This action deletes a host, domain, firewall policy, or IP list. |
Delete Rule | This action deletes a rule from a specified firewall policy. |
Get Policy Details | This action retrieves the details of the policy configured in Forcepoint NGFW SMC. |
List Items | This action lists hosts, IP lists, domains, policy templates, policies, or engines in the system. |
Update Host | This action updates an existing host. |
Update IP List | This action updates an existing IP list. |
Update Rule | This action updates a rule in the specified firewall policy. |
Upload IP | This action uploads IP addresses to the specified IP list. |
Generic Action | This is a generic action used to make requests to any Forcepoint NGFW SMC endpoint. |
Action Name | Description |
|---|
Configuration Parameters
The following configuration parameters are required for the Forcepoint NGFW SMC app to communicate with the Forcepoint NGFW SMC enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the base URL. Example: http://localhost:8082 | Text | Required | |
API Version | Enter the API version of Forcepoint NGFW SMC. Example: 7.0 | Text | Required | |
API Key | Enter the API key to authenticate with Forcepoint NGFW SMC. | Password | Required | |
Timeout | Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with Forcepoint NGFW SMC. | Integer | Optional | Allowed range: 15-120 Default value: 15 |
Verify | Choose your preference to verify SSL or TLS while making requests. It is recommended to set this option to yes. Passing no may result in incorrectly establishing the connection. | Boolean | Optional | By default, verification is enabled. |
Action: Create Firewall Policy
This action creates a new firewall policy.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the firewall policy to be created. | Text | Required | |
Template | Enter the template name to create the firewall policy. | Text | Required | You can retrieve this using the action List Items. |
Element type | Enter the element type. Example: fw_policy | Text | Optional | Default value: fw_policy |
Action: Create Host
This action creates a new host.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the host to be created. | Text | Required | |
IPv4 Address | Enter the IPv4 address of the host, if applicable. NoteEnter either the IPv4 addresses or the IPv6 address parameter. | Text | Optional | |
IPv6 Address | Enter the IPv6 address of the host, if applicable. NoteEnter either the IPv4 addresses or the IPv6 address parameter | Text | Optional | |
Secondary Addresses | Enter a comma-separated list of the host's secondary addresses. | List | Optional | |
Comment | Enter a comment or description for the host. | Text | Optional | |
Element Type | Enter the element type. Example: host | Text | Optional | Allowed values: ip_list, fw_policy, domain_name, host, fw_template_policy, engine_clusters Default value: host |
Action: Create IP List or Domain
This action creates an IP list or a domain.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the IP list name or domain to be created. You can either create an IP list or a domain at a time. | Text | Required | |
Comment | Enter a description for the IP list or domain to be created. | Text | Required | |
Element Type | Enter the type of the element to create. | Text | Required | Allowed values: ip_list, domain_name |
Include Headers | Enter true to include response headers. | Boolean | Optional |
Action: Create Rule
This action creates a new rule within a specified firewall policy.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Policy ID | Enter the ID of the firewall policy to which the rule will be added. | Integer | Required | You can retrieve this using the action List Items. |
Rule Name | Enter the name of the rule to be created. | Text | Required | |
IP Version | Enter the IP version (IPv4 or IPv6) to be used. | Text | Required | Allowed values: v4, v6 |
Sources | Enter a list of source addresses or networks for the rule. | List | Required | Allowed source types: hosts, IP lists, domains You can retrieve the values for the respective sources using the action List Items. |
Destinations | Enter a list of destination addresses or networks for the rule. | List | Required | Allowed destination types: hosts, IP lists, domains You can retrieve the values for the respective destinations using the action List Items. |
Action | Enter the action to be taken. Example: allow | Text | Required | Allowed values: allow, continue, discard, refuse, enforce_vpn, apply_vpn, forward_vpn, blacklist, forced_next_hop |
Comment | Enter a comment or description for the rule. | Text | Optional | |
Element Type | Enter the element type. Example: fw_policy | Text | Optional | Allowed values: ip_list, fw_policy, domain_name, host, fw_template_policy, engine_clusters Default value: fw_policy |
Action: Delete Items
This action deletes a host, domain, firewall policy, or IP list.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the item to be deleted. You can either delete a host, domain, firewall policy, or IP list at a time. | Text | Required | You can retrieve this using the action List Items. |
Element Type | Enter the element type. | Text | Required | Allowed values: ip_list, fw_policy, domain_name, host |
Action: Delete Rule
This action deletes a rule from a specified firewall policy.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Policy ID | Enter the ID of the firewall policy from which the rule will be deleted. | Integer | Required | You can retrieve this using the action List Items. |
Rule Name | Enter the name of the rule to be deleted. | Text | Required | You can retrieve this using the action Get Policy Details. |
Element Type | Enter the element type. Example: fw_policy | Text | Optional | Default value: fw_policy |
Action: Get Policy Details
This action retrieves the details of the policy configured in Forcepoint NGFW SMC.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Policy ID | Enter the ID of the policy to retrieve its details. Example: 56 | Integer | Required | You can retrieve this using the action List Items. |
Element Type | Enter the element type. Example: fw_policy | Text | Optional | Default value: fw_policy |
Action: List Items
This action lists hosts, IP lists, domains, policy templates, policies, or engines in the system.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Element Type | Enter the item type to retrieve the list. | Text | Required | Allowed values: ip_list, fw_policy, domain_name, host, fw_template_policy, or engine_clusters |
Filters | Enter the parameters to filter the response. Example: hq policy | Text | Optional | |
Extra Params | Enter the extra parameters to pass to the API. Example: {"name": policy_name} | Key Value | Optional | Allowed keys: name, limit, all_results |
Action: Update Host
This action updates an existing host.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the host to be updated. | Text | Required | You can retrieve this using the action List Items. |
IPv4 Address | Enter the new IPv4 address of the host. NoteEnter either the IPv4 addresses or the IPv6 address parameter. | Text | Optional | |
IPv6 Address | Enter the new IPv6 address of the host. NoteEnter either the IPv4 addresses or the IPv6 address parameter. | Text | Optional | |
Secondary Addresses | Enter a list of secondary addresses for the host. | List | Optional | |
Comment | Enter a comment or description for the host. | Text | Optional | |
Element Type | Enter the element type. Example: host | Text | Optional | Allowed values: ip_list, fw_policy, domain_name, host, fw_template_policy, engine_clusters Default value: host |
Action: Update IP List
This action updates an existing IP list.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
List ID | Enter the ID of the IP list where the IP addresses will be updated. Example: 1704 | Integer | Required | You can retrieve this using the action List Items. |
Addresses | Enter a list of IP addresses to include in the updated IP list. | List | Required | |
Override | Enter true to overwrite the existing IP addresses in the IP list. If you enter false, the list of addresses will be appended to the existing IP list. | Boolean | Optional | Default value: false |
Element Type | Enter the element type. Example: ip_list | Text | Optional | Default value: ip_list |
IP Address | Enter the list of IP addresses. Example: $LIST[11.11.11, 192.7.5.0] | List | Required |
Action: Update Rule
This action updates a rule in the specified firewall policy.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Payload | Enter the payload to modify the rule in the policy. Example: {“comment”:”set logging default, set long timeout for ssh connections”} | Key Value | Required | |
Element Type | Enter the element type. Example: fw_policy | Text | Required | Default value: fw_policy |
Policy Type | Enter the type of the policy. Example: fw_ipv4_access_rules | Text | Required | |
Rule Name | Enter the rule name of the policy. Example: 514 | Text | Required | You can retrieve this using the action Get Policy Details. |
Action: Upload IP
This action uploads IP addresses to the specified IP list.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
IP Address | Enter the list of IP addresses that must be uploaded. Example: $LIST[11.11.11, 192.7.5.0] | List | Required | |
Element Type | Enter the element type. Example: ip_list | Text | Optional | Default value: ip_list |
List ID | Enter the ID of the IP list where the IP addresses will be uploaded. Example: 1704 | Integer | Required | You can retrieve this using the action List Items. |
Action: Generic Action
This is a generic action used to make requests to any Forcepoint NGFW SMC endpoint.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Method | Enter the HTTP method to make the request. | Text | Required | Allowed values: GET, PUT, POST, DELETE |
Endpoint | Enter the endpoint to make the request. Example: ip_list | Text | Required | |
Query Params | Enter the query parameters to pass to the API. | Key Value | Optional | |
Payload | Enter the payload to pass to the API. | Any | Optional | |
Extra Fields | Enter the extra fields to pass to the API. | Key Value | Optional | Allowed keys: payload_json, download, files, filename, retry_wait, retry_count, custom_output, response_type |